Overview

overview

8

Static

static

ͨCF...64.exe

windows7-x64

8

ͨCF...64.exe

windows10-2004-x64

8

ͨCF...86.exe

windows7-x64

7

ͨCF...86.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8faa72093f10d253f67ffc2b4589bb5b2baade75729e5887a52ccc75aae50619

  • Size

    1.3MB

  • Sample

    221020-ph1jrsddf8

  • MD5

    03851631bd24a83fe53771dc62ed056e

  • SHA1

    c51118f33bd1e5457ecc01739583f7ab79a5a4ba

  • SHA256

    8faa72093f10d253f67ffc2b4589bb5b2baade75729e5887a52ccc75aae50619

  • SHA512

    ea444c667d9605fd778893c13e1dcb9059b073b5683667bbb41e6bc44f84de08da752985ebe8b098cf07c37464df9314ed8d86a819fb5f474e50e3910bd064e8

  • SSDEEP

    24576:BVgMZWpZCLFtc6ADGLIx8Q3rC7vLKJ1zgPealLiJm+i57z4TuH7PwPpP/aGNi883:Dg+WqrcaIx3bCjLCGealLpk0Twxg8G

Score
8/10
discoverypersistence

Malware Config

Targets

    • Target

      ͨCFCAؼ v3.4.0.4/CryptoKit.AmericanExpress.x64.exe

    • Size

      747KB

    • MD5

      fe48508635c0f38d53acf80713ecf463

    • SHA1

      3697f5d2a0f7a8e8dbc71b21e52f3676de2ac8f8

    • SHA256

      d9fe28b4399aafc7c5c666d066bbbf9d56ac62197884c348bcbab6bb57cb8896

    • SHA512

      5e2804c139d8e80177fb9f9e6f804f7bdd8afffd251abe994d4de6430a413d7805dc57287bbdf7733f411a4a224c067ee838ad2dbadf2f0844c2b9572ee04e32

    • SSDEEP

      12288:3zZ4UjD5HOMZUpS2lmLrt06x6tKPIh8cR6Sr67idYHUZ6d25PlJKkBy5Y+Z:3zZfOMZUpRmLrt06YtKPIh8M3r67lS6P

    Score
    8/10
    discoverypersistence

    • Registers COM server for autorun

      persistence

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

    • Target

      ͨCFCAؼ v3.4.0.4/CryptoKit.AmericanExpress.x86.exe

    • Size

      659KB

    • MD5

      31e233774693e408618efa573375f722

    • SHA1

      228438cb02fc0a6c0464db8fc5f6c0fdbeb24b42

    • SHA256

      29a921eea49093f44f3d62bf3b68db66cbd462e6314778e70fd13ac4208e42f5

    • SHA512

      f30b84a1d3e44e1ba7f93e26b9e50171226bee361c2ccc3f7f955f9d76289d7ac2f82f9b98bee78661844d320139ddd7682dab37923d1756259ad0e1be3d3213

    • SSDEEP

      12288:7zZ4UjD57pKI9II18Mw21GxuH7jC2w31jTWL5y4GNnDu8i84:7zZDp5HXwxuH7tw31jKL5DGNi8i84

    Score
    7/10
    discovery

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Drops file in System32 directory

    behavioral3behavioral4

MITRE ATT&CK Enterprise v6

Tasks